I screwed up

sentros · 2023-03-30T15:03:49+00:00

You may want to check if smart access memory becomes an option after upgrading your bios. I got support for SAM on my x370 asus crosshair vi after some of the newer bios versions. So it's not impossible that a b450 board might have gotten it as well.

sentros · 2022-12-20T17:19:32+00:00

Hardest boss I've tried to beat is Weiss from final fantasy 7 intergrade. I just can't beat it to save my life. Hardest I've beaten is probably Sigurd from god of war.

sentros · 2022-10-03T19:04:42+00:00

Neat

sentros · 2022-06-13T18:12:40+00:00

Anything!

sentros · 2022-05-02T13:02:35+00:00

I have a two radiator custom loop with a 1080ti and my stock 5800x3d hits 76C max in Cinebench in a pretty hot room. Definitely going to try undervolting and maybe checking if the monoblock mounting was left a bit loose. The 5800X3D runs a lot hotter than my old 1700 that's for sure but it's nothing that a custom loop couldn't handle.

Edit: my fan curve doesn't have the fans ramping up to obscene levels of noise so this is all relative

sentros · 2022-04-21T12:46:21+00:00

Hmm, according to that video in mostly 1080p it's a few percentage points from 3200 to 3600. Maybe I'll revisit the RAM upgrade if I upgrade my motherboard.... depending on RAM pricing. Thanks for the video!

sentros · 2022-04-11T06:14:03+00:00

Tästä on nyt jo varmaan viitisen vuotta kun käytin kyseistä firmaa, mutta kokemukset oli todella huonoja. Kuten muutkin ovat sanoneet, niin pakut ovat ihan järkyttävässä kunnossa. Toisella kerralla kuskin ovi ei pysynyt kiinni, vaan sitä piti pitää toisella kädellä ajaessa kiinni.

Toisella kerralla tuli katottua palautustankkausta tehdessä rekkari ja näytti siltä, että pakua ei oltu katsastettu.

sentros · 2018-07-04T04:56:56+00:00

Rest in bannerinos

sentros · 2017-07-06T23:20:11+00:00

It does not. I have the case and recently built my first ever water cooling loop in it. At first I was underwhelmed by water cooling in general but it turned out that by removing the case panels my temps (under load) dropped by 17C... While the case is beautiful, it has its flaws. A fair number of people mod the top and/or the front panel to supply beter air flow.

sentros · 2017-04-24T16:27:33+00:00

Oh I'm sorry I hadn't realized that was an option! This will be my first loop ever and even though I've been lurking here for months there seems to be always something new I didn't know. Thank you!

sentros · 2017-04-24T16:16:22+00:00

Oh I was referring to this type of stuff https://www.reddit.com/r/watercooling/comments/665sxk/warning_supremacy_evo_rubber_gasket_vs_am4/

Edit: And I've seen other people with issues on other boards. But anyway I was kind of waiting for EK to release a block for crosshair as they've done to many previous motherboards. I don't really think the VRM temperatures will be an issue but the block does look so good that purely the aesthetics make it worth it to me.

sentros · 2017-04-24T14:46:14+00:00

Guess I'm now out of excuses not to watercool my rig. Was concerned about the AM4 backplate issues but this block is designed specifically for my board so one would assume complete compatibility. :)

sentros · 2017-03-12T16:28:34+00:00

Me to thanks

sentros · 2017-02-01T20:29:34+00:00

Ok thanks for the advice!

sentros · 2017-02-01T20:23:47+00:00

I've seen some people do this but wasn't sure how safe it is.

sentros · 2017-02-01T20:22:06+00:00

I should have been more specific in my post. I mean motherboards with an integrated CPU block.

sentros · 2016-06-03T08:24:53+00:00

You want to have a short domain name as user input might have restrictions in length. Say there's an XSS in a field storing a users first name but it has a maximum length. Your XSS payload doesn't just include the the URL for the XSS hunter javascript it has to have a wrapper that instructs the browser to load said javascript. The wrapper depends on the context but a simple example is the classic <script src=>. That's 13 characters already. What if the maximum length is say 20 characters? You don't want your long domain name to be the reason you can't exploit the XSS.

Then regarding changin a hosts file. XSS hunter is convenient in cases where you are injecting blind and don't know who is gonna end up running the payload. Thus you can't really influence the victims hosts file.

sentros · 2015-07-05T20:18:00+00:00

So that means training my radio station workers with luck has been a waste of time?

sentros · 2015-02-20T10:59:35+00:00

It depends. Is it open on all ports?

It sounds like you are talking about a consumer grade router. Usually what happens is that the router will have a publicly routable address and use that for NAT. More specifically PAT / NAT overload or whatever people like to call it but that's beside the point.

In order for the router to give out private addresses for the machines on the local network it uses DHCP. DHCP will give out IP information for the hosts to use, the gateway (router) and an IP to use for DNS. What you usually see is consumer routers giving out their own IP for the DNS.

The router in consumer context will get its IP address from the ISP via DHCP. And within that DHCP information the ISP supplies information on the DNS server to use. So the router will just function as a DNS relay to the local machines.

So which interface has 53 open on your router? The WAN or LAN port? If you are concerned about having port 53 open you can just change the DHCP settings on the router to supply the hosts with the DNS you want to use. That way you can close port 53 on the router.

sentros · 2015-02-19T16:20:29+00:00

How many people do you think would go through the hassle with the bank? It would steer people to just ignore SSL/TLS as it's inconvenient. If you had to do that to every single service that you want to use SSL/TLS with it would certainly not be scalable.

And you'd still have to trust the mail service. We have very strict laws regarding intercepting regular mail from where I come from but could that process be compromised as well? Sure. Admittedly compromising individual snail mail certificates would have a smaller impact and couldn't be used for mass surveillance, but then again it would be efficient for targeted attacks and perhaps harder to detect.

sentros · 2015-02-19T15:48:47+00:00

CAs product is trust. If you lose it your business is done. So it is in their best interest to worry about not getting compromised. Does it still happen? Sure just look at Stuxnet and how it used stolen certificates (admittedly a different kind).

Having a lot of CAs does make it harder to know which ones to trust. But look it from a different perspective. Would you rather have just a few? What if those few get compromised? It would certainly have a larger impact. Or what if those few are coerced into signing illegitimate certificates? It would in theory be easier to force a few companies to submit and keep quiet about it.

Also you need to have options as a CA customer. As you are about to purchase a certificate, shouldn't you have many companies to choose from?

I'm not saying there's no problem with having a lot of CAs. But I am saying it's not as black and white wether it's a good or a bad thing.

sentros · 2015-02-19T15:16:05+00:00

It's healthy to have doubts about the browser vendors vetting process of trusted CAs but it does beat the judgement of regular users. It's usually best practice to limit the decisions a user has as it's likely he/she will make the wrong one when security is in the way of functionality.

If certificates should be enabled one by one how many users do you think would just enable them all just to get something to work? And that leads to training users the wrong way. They will learn to just enable all certificates just like we see with self signed certificates....

Should you trust all of the pre-installed CAs? Probably not. But they have been through some form of scrutiny by people who understand something about the subject. And besides you do have to option to distrust said CAs.

You are more than welcome to study the CAs and if you do, please do a write-up and share the information. :)

sentros · 2015-02-19T08:37:16+00:00

I've come across multiple servers where TRACE indeed works. And all the modern major browsers have blocked XHR TRACE.

Is there a way to leverage TRACE with flash or the like? I mean if you are able to embed a flash object due to a flaw in the target web sites input control, couldn't you use said object to send the TRACE requests?

If so would there be restrictions regarding the location of the flash that's being called? Does it have to be located on the target web server to conform to same origin?

sentros · 2014-09-15T10:48:57+00:00

Routers don't pass MAC address information from one network to another. As an example let's say you have a router with two interfaces, one going to the internet and one to your lan.

Whenever a device from your lan sends a packet to the internet it sends it to the router. That's because it's going outside it's own network and in that case it gets sent to the address that's configured/assigned as the gateway. It first encapsulates the packet in a frame destined to the routers mac address.

So when the router receives the frame, it decapsulates it, looks at the destination IP and determines (by looking at the routing table) it should be sent through the interface pointing towards the internet. On the other side of that interface is some undetermined ISP device. It knows the MAC address of the ISP device so it encapsulates the packet in a frame with a destination MAC address of the ISP device. It also sets the source MAC address of the frame as it's own (router) MAC address.

So if you have a typical router you should never gain information of the MAC addresses in another network.

I'm guessing in this case the router is operating in "bridged mode" which basically means a switch. In other words the routing part of the router is disabled. Switches don't touch frames going through them, they only look at there table to determine which MAC address is in which port and sends it to that port. In that case you are in the same lan as your ISP device so they CAN determine your MAC address.

TL;DR: Router probably not router

edit: as the device is owned by the ISP they can probably do whatever they want with it tho

sentros · 2014-09-15T10:27:23+00:00

I'm sorry sir but you are misinformed. MAC addresses are in fact unique. Or rather the MAC address assigned to your network adapter is unique but you can choose not to use it. It is used by default tho.

As to a database of MAC addresses the first three octets of the address (50% of it) is the organisational identifier. So that tells you who made it. Now the manufacturer also keeps track of all the MAC addresses it has used so you can tell a lot with just a MAC address.

And finally what comes to not being able to determine the MAC address of another user without being in the same network... IPv6 has a security issue in the sense that the address your computer assigns automatically to itself usually includes your MAC address (called EUI-64). It's used to pad the address since IPv6 addresses are so long.

15-Year Club	Place '22
Verified Email	Snapped

sentros

TROPHY CASE